===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/servconf.c,v
retrieving revision 1.189
retrieving revision 1.190
diff -u -r1.189 -r1.190
--- src/usr.bin/ssh/servconf.c	2008/11/03 08:59:41	1.189
+++ src/usr.bin/ssh/servconf.c	2008/11/04 08:22:13	1.190
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.189 2008/11/03 08:59:41 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.190 2008/11/04 08:22:13 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -120,6 +120,7 @@
 	options->num_permitted_opens = -1;
 	options->adm_forced_command = NULL;
 	options->chroot_directory = NULL;
+	options->zero_knowledge_password_authentication = -1;
 }
 
 void
@@ -246,6 +247,8 @@
 		options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
 	if (options->permit_tun == -1)
 		options->permit_tun = SSH_TUNMODE_NO;
+	if (options->zero_knowledge_password_authentication == -1)
+		options->zero_knowledge_password_authentication = 0;
 
 	/* Turn privilege separation on by default */
 	if (use_privsep == -1)
@@ -277,6 +280,7 @@
 	sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
 	sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
 	sUsePrivilegeSeparation, sAllowAgentForwarding,
+	sZeroKnowledgePasswordAuthentication,
 	sDeprecated, sUnsupported
 } ServerOpCodes;
 
@@ -331,6 +335,11 @@
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
 	{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
 	{ "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
+#ifdef JPAKE
+	{ "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL },
+#else
+	{ "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL },
+#endif
 	{ "checkmail", sDeprecated, SSHCFG_GLOBAL },
 	{ "listenaddress", sListenAddress, SSHCFG_GLOBAL },
 	{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
@@ -847,6 +856,10 @@
 		intptr = &options->password_authentication;
 		goto parse_flag;
 
+	case sZeroKnowledgePasswordAuthentication:
+		intptr = &options->zero_knowledge_password_authentication;
+		goto parse_flag;
+
 	case sKbdInteractiveAuthentication:
 		intptr = &options->kbd_interactive_authentication;
 		goto parse_flag;
@@ -1334,6 +1347,7 @@
 	M_CP_INTOPT(kerberos_authentication);
 	M_CP_INTOPT(hostbased_authentication);
 	M_CP_INTOPT(kbd_interactive_authentication);
+	M_CP_INTOPT(zero_knowledge_password_authentication);
 	M_CP_INTOPT(permit_root_login);
 	M_CP_INTOPT(permit_empty_passwd);
 
@@ -1532,6 +1546,10 @@
 #ifdef GSSAPI
 	dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
 	dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
+#endif
+#ifdef JPAKE
+	dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
+	    o->zero_knowledge_password_authentication);
 #endif
 	dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
 	dump_cfg_fmtint(sKbdInteractiveAuthentication,